About this Course

This is a 3-day high impact course  and on successfully completing the course, delegates will be capable of performing effective internal audits of a company’s information security management systems and reporting the outcome. They will be able to audit a company’s information security management system and determine whether or not it meets the requirements of the relevant audit criteria. The course covers details of the requirements of ISO/IEC 27001:2005 and auditing requirements as per ISO 19011:2002.

TOPICS COVERED:

• Introduction to Information Security Management and risk management –  An introduction to different aspects of information assets and risk assessment.
  
• Detailed review of the requirements of ISO/IEC 27001:2005 main clauses and learning the use of Annexure A.
  
• Audits – An explanation of audits, their purpose and planning, and the way to approach, perform and report an audit.
  
• Hands on exercises on NCR  reporting / investigation
  
• Auditors – Their responsibilities, personal attributes and auditor selection. Auditor Certification Scheme.
  
• Delegate Assessment – Assessment is carried out by continuous assessment of delegate performance throughout the theoretical and practical phases.
  

INTENDED AUDIENCE:

All levels of company members from Chief Executive to Workforce. This course is not only a requirement for those who are to be used for internal information security audits, but also an essential course for Senior Management, Information Security Managers and Line Management who wish to have and be part of a successful and effective Information Security System.

EXAMINATIONS:

There will be an examination towards the end of the course.  Those who has passed this examinations will receive the certificate issued by BVQI.

Rate this course:

Log in to submit

Comments